Lucene search
+L

1570 matches found

CVE
CVE
added 5 days ago8 views

CVE-2026-10670

The CVE describes a local denial of service in Zephyr’s kernel: the CONFIG_USERSPACE verifier for k_thread_name_copy() dereferences ko without NULL checking after k_object_find() returns NULL for unregistered pointers. This NULL dereference occurs in supervisor mode, causing a kernel fault and po...

5.5CVSS6.2AI score0.001EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 5 days ago8 views

CVE-2026-10670 User-triggerable kernel NULL-pointer dereference (DoS) in `k_thread_name_copy()` syscall verifier

The CONFIGUSERSPACE verification handler for the kthreadnamecopy system call zvrfykthreadnamecopy in kernel/thread.c calls kobjectfind on the caller-supplied thread pointer and then dereferences the returned struct kobject without checking it for NULL. kobjectfind returns NULL whenever the suppli...

5.5CVSS6.2AI score0.001EPSS
Exploits0References2
OSV
OSV
added 5 days ago3 views

CVE-2026-10671 User thread can re-initialize an in-use `k_pipe`, corrupting kernel wait queues (`CONFIG_USERSPACE`)

In Zephyr's kernel pipe implementation, the userspace syscall verifier zvrfykpipeinit in kernel/pipe.c used KSYSCALLOBJ which requires the kernel object to already be initialized instead of KSYSCALLOBJNEVERINIT which rejects an already-initialized object. As a result, on CONFIGUSERSPACE builds an...

7.1CVSS6.1AI score0.00103EPSS
Exploits0References5
NVD
NVD
added last week10 views

CVE-2026-10667

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS0.00109EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added last week6 views

CVE-2026-10667 SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynamic kernel-object tracking, reachable from unprivileged user threads

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS6.1AI score0.00109EPSS
Exploits1References2
Cvelist
Cvelist
added last week35 views

CVE-2026-10667 SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynamic kernel-object tracking, reachable from unprivileged user threads

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS0.00109EPSS
Exploits1References2
CVE
CVE
added last week18 views

CVE-2026-10667

Zephyr CVE-2026-10667 affects SMP builds with CONFIG_USERSPACE and dynamic objects (CONFIG_DYNAMIC_OBJECTS). The bug is a use-after-free in the dynamic kernel-object tracker: k_object_wordlist_foreach() iterates obj_list under lists_lock while removals and frees occur under objfree_lock/obj_lock,...

7.8CVSS6.1AI score0.00109EPSS
Exploits1References2Affected Software1
OSV
OSV
added last week7 views

CVE-2026-10667 SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynamic kernel-object tracking, reachable from unprivileged user threads

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS6.1AI score0.00109EPSS
Exploits1References5
Ubuntu
Ubuntu
added 2026/07/10 9:38 a.m.9 views

USN-8492-5: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.6AI score0.00686EPSS
Exploits4
SUSE Linux
SUSE Linux
added 2026/07/08 2:59 p.m.15 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-40216: iouring/rsrc: don't rely on user vaddr alignment bsc1259764. CVE-2025-40341: futex: Don't leak robustlist pointer on exec race bsc1255029. CVE-2025-71294:...

9.3CVSS6.9AI score0.00533EPSS
Exploits3References450
RedHat Linux
RedHat Linux
added 2026/07/08 4:26 a.m.5 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS6AI score0.00184EPSS
Exploits0References5
Fedora
Fedora
added 2026/07/07 1:11 a.m.10 views

[SECURITY] Fedora 43 Update: kernel-headers-7.1.3-100.fc43

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

8.8CVSS6.2AI score0.0012EPSS
Exploits5
Fedora
Fedora
added 2026/07/07 12:51 a.m.10 views

[SECURITY] Fedora 44 Update: kernel-headers-7.1.3-200.fc44

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

8.8CVSS6.2AI score0.0012EPSS
Exploits5
NVD
NVD
added 2026/07/06 9:16 p.m.7 views

CVE-2026-21369

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS0.0006EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/07/06 8:9 p.m.9 views

CVE-2026-21369 Out-of-bounds Write in Camera Driver

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS6AI score0.0006EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 8:9 p.m.5 views

EUVD-2026-41927

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS6AI score0.0006EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:9 p.m.6 views

CVE-2026-21369

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS6AI score0.0006EPSS
Exploits0References2
CVE
CVE
added 2026/07/06 8:9 p.m.12 views

CVE-2026-21369

CVE-2026-21369 describes a memory corruption in the camera driver when handling flash commands. The root cause is outdated LED count values being used after userspace modification, leading to out-of-bounds/write conditions. The weakness is limited to local attack vector with high complexity and l...

5.3CVSS6AI score0.0006EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/06 8:9 p.m.39 views

CVE-2026-21369 Out-of-bounds Write in Camera Driver

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS0.0006EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.14 views

PT-2026-55989

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto affected versions not specified Description Memory corruption occurs when handling flash commands. This issue is caused by the use of outdated LED count values following modifications made in userspace. Recommendations...

5.3CVSS6.1AI score0.0006EPSS
Exploits0References5
Rows per page
Query Builder